This procedure provides a detailed sequence of all of the necessary steps that you need to perform in the WS consumer. This example uses the SOA Manager individual configuration.
You have released the scenario, as described in SAP Note 1320198.
If you are using one of the following SSO/STS scenarios, the following prerequisites must be fulfilled.
STS scenario with symmetic key for confirming signature (authentication only)
STS Scenario with Asymmetirc Consumer Key for Confirming Signature (Authentication Only)
Messages between the WS provider and WS consumer are secured, either at transport level with the Secure Sockets Layer protocol (HTTPS) or at message level (symmetric message signature and encryption). In the case of symmetric message encryption, you need to import the encryption certificate of the WS provider into the PSE WSSCRT in the Trust Manager of the WS consumer.
You have received the WSDL document of the WS provider that you require to configure the WS consumer.
You have the STS data, in particular, the STS URL and the STS MEX URL.
Create the logical port for the connection to STS.
In the SOA Manager of the WS consumer, on the Service Administration tab page, choose the link Configuration of Individual Services.
Find the consumer proxy that is to be used to access the service end point, and for which you want to define a logical port.
Internal Name: CO_WSSESECURITY_TOKEN_SERVICE, External Name Name: SecurityTokenServiceIn.
Select the consumer proxy in the list of search results and choose Apply Selection.
On the Configurations tab page, choose the Create Log. Port button.
Specify the following in the dialog box:
The name of the new service
The name of the logical port and its description
For configuration type, select the Meta Data Exchange Protocol radio button
The STS MEX URL
Note
Use HTTP or HTTPS in the URL, depending on whether you have configured SSL for the connection between STS and the WS consumer.
The STS endpoint URL
Note
You can only use this URL for one logical port. The logical port set up with the URL is available for all WS consumer configurations.
The MEX access user that you specified in STS
The MEX user password that you specified in STS
Choose the Copy settings button.
Scroll down.
If necessary, in the Encryption Certificate field, enter the STS encryption certificate that you previously imported into the PSE WSSCRT of the WS consumer with transaction STRUST.
If applicable, in the Signature Certificate field, specify the signature certificate of the WS consumer that you previously created with transaction STRUST in the WS consumer's PSE WS-Security Other System Encry (WSSKEY).
Save your entries.
Create the logical port for the connection to the WS provider. If errors occur because no logical port has been created for STS, refer to SAP Note 1319507 (section 2.b).
In the SOA Manager of the WS consumer, on the Service Administration tab page, choose the link Configuration of Individual Services.
Find the consumer proxy that is to be used to access the service end point, and for which you want to define a logical port.
Select the consumer proxy in the list of search results and choose Apply Selection.
On the Configurations tab page, choose the Create Log. Port button.
Specify the following in the dialog box:
The name of the new service
The name of the logical port and its description
For configuration type, select the WSDL-Based Configuration button
Under WSDL access settings, select the Using HTTP Access radio button
Under WSDL location, copy the URL that you called for the WSDL document in the WS provider to the field URL for WSDL Access:.
WSDL Access User: Any user
WSDL Access user Password: User's password
Choose the Copy settings button.
Scroll down.
If applicable, in the Encryption Certificate field, specify the encryption certificate of the WS Provider system that you imported above.
Save your entries.